Neat tool. If anyone wants to see what a broken SSL certificate looks like, here's one of my expired ones (I really gotta renew it one of these days...)
Shameless plug: my free site http://domainical.org/ will build an auto-updating calendar of domain and SSL certificate expirations that you can subscribe to in iCal, Google Calendar, etc. (assuming you just forgot to renew that cert)
While I liked the opportunity to tweak my configuration:
A tool that doesn't support SNI (at least it complains about getting the wrong certificate for one of my domains, something that doesn't happen in any browser I tested) is - restricted.
Yes, it's somewhat restricted without SNI support. I wrote the tool back in 2009 when having SNI was not very useful (because there was virtually no support for it). Sadly, the situation has not improved much since. Had you tested with Internet Explorer running on Windows XP (which is what a huge chunk of the Internet population still runs), you would have found that SNI simply does not work there. That fact alone rules out SNI for web sites that have a general audience as target.
Anyhow, a big update is planned for later this year. The Rating Guide, which determines the score, will be revised, the tool itself will be tweaked to become more actionable and include more documentation, and a number of very useful advanced features will be added. I expect we will also start showing historical information, as well as start tracking all public SSL sites.
Also, in two weeks' time we will be releasing an SSL/TLS Deployment Best Practices guide to help people configure their web sites correctly.
I just wanted to take an opportunity to thank you for building this brilliant tool. I have used it many times and recommend it to people all the time. It's a brilliant way of demonstrating to non-techies that there is an actual problem with their server configuration.
What kind of error do you get? It's probably related to the certificate that gets served when it makes a request to the bare IP address without a Host: header. In most cases, that's only going to match one or two of the domains you enter, unless you're using a wildcard certificate or one that includes all the DNS alternative names. Did it affect your score much?
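The mismatch described in the comment above, as an added example that is not part of the original thread: given the certificate a server hands to a client that sends no SNI, list which hosted names such a client would see as mismatched. All function names are hypothetical, the certificate dicts are constructed samples in the shape Python's `getpeercert()` returns, and wildcard matching is limited to the left-most label.

```python
import socket
import ssl

# Constructed sample certificates (getpeercert()-style dicts), not real data.
DEFAULT_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "example.com")),
}
WILDCARD_CERT = {"subjectAltName": (("DNS", "*.example.com"),)}


def cert_dns_names(cert):
    """DNS names in a certificate: SAN entries, else the subject CN."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:
        names = [v for rdn in cert.get("subject", ())
                 for k, v in rdn if k == "commonName"]
    return [n.lower() for n in names]


def name_matches(pattern, host):
    """Exact match, or a wildcard covering exactly the left-most label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        head, _, tail = host.partition(".")
        return bool(head) and tail == pattern[2:]
    return pattern == host


def hosts_broken_without_sni(default_cert, hosts):
    """Hosts for which a non-SNI client would get a name mismatch."""
    names = cert_dns_names(default_cert)
    return [h for h in hosts if not any(name_matches(n, h) for n in names)]


def fetch_cert(address, port=443, sni=None, timeout=5):
    """Fetch the presented certificate; sni=None sends no SNI extension."""
    ctx = ssl.create_default_context()  # chain is still verified
    ctx.check_hostname = False          # names are compared by the code above
    with socket.create_connection((address, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=sni) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    hosted = ["www.example.com", "example.com", "shop.example.net"]
    print(hosts_broken_without_sni(DEFAULT_CERT, hosted))
```

Against your own server, `fetch_cert(ip)` returns the default certificate to feed into `hosts_broken_without_sni`, while `fetch_cert(ip, sni=name)` shows what SNI-capable clients receive.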
This is great although I'm not sure I agree with showing a list of "Recent Worst-Rated" (graded "F", presumed with vulnerabilities), seems like painting a target on some servers.
https://www.ssllabs.com/ssldb/analyze.html?d=https://secure....